diff options
Diffstat (limited to '')
-rw-r--r-- | nix/hosts/nixos/wildcat/default.nix | 18 | ||||
-rw-r--r-- | nix/hosts/nixos/wildcat/networking.nix | 51 | ||||
-rw-r--r-- | nix/machines/hardware/vm-hetzner.nix (renamed from nix/hosts/nixos/wildcat/hardware.nix) | 11 | ||||
-rw-r--r-- | nix/machines/vm-hetzner.nix (renamed from nix/hosts/nixos/wildcat/configuration.nix) | 64 |
4 files changed, 66 insertions, 78 deletions
diff --git a/nix/hosts/nixos/wildcat/default.nix b/nix/hosts/nixos/wildcat/default.nix deleted file mode 100644 index 7bde471..0000000 --- a/nix/hosts/nixos/wildcat/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ ... }: { - - imports = [ ./hardware.nix ./networking.nix ./configuration.nix ]; - - boot.tmp.cleanOnBoot = true; - zramSwap.enable = true; - - networking.hostName = "fcuny"; - networking.domain = "net"; - - services.openssh.enable = true; - - users.users.root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" - ]; - - system.stateVersion = "23.11"; -} diff --git a/nix/hosts/nixos/wildcat/networking.nix b/nix/hosts/nixos/wildcat/networking.nix deleted file mode 100644 index c0b4bd0..0000000 --- a/nix/hosts/nixos/wildcat/networking.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ lib, ... }: { - # This file was populated at runtime with the networking - # details gathered from the active system. - networking = { - nameservers = - [ "2a01:4ff:ff00::add:2" "2a01:4ff:ff00::add:1" "185.12.64.1" ]; - defaultGateway = "172.31.1.1"; - defaultGateway6 = { - address = "fe80::1"; - interface = "eth0"; - }; - dhcpcd.enable = false; - usePredictableInterfaceNames = lib.mkForce false; - interfaces = { - eth0 = { - ipv4.addresses = [{ - address = "5.78.87.68"; - prefixLength = 32; - }]; - ipv6.addresses = [ - { - address = "2a01:4ff:1f0:d1a3::1"; - prefixLength = 64; - } - { - address = "fe80::9400:3ff:fe98:d6dc"; - prefixLength = 64; - } - ]; - ipv4.routes = [{ - address = "172.31.1.1"; - prefixLength = 32; - }]; - ipv6.routes = [{ - address = "fe80::1"; - prefixLength = 128; - }]; - }; - - }; - firewall.allowedTCPPorts = [ - 22 # ssh - 80 # nginx - 443 # nginx - ]; - }; - services.udev.extraRules = '' - ATTR{address}=="96:00:03:98:d6:dc", NAME="eth0" - - ''; -} diff --git a/nix/hosts/nixos/wildcat/hardware.nix b/nix/machines/hardware/vm-hetzner.nix index 351c991..89a92a9 100644 --- a/nix/hosts/nixos/wildcat/hardware.nix +++ b/nix/machines/hardware/vm-hetzner.nix @@ -1,13 +1,8 @@ -{ modulesPath, ... }: -{ +{ modulesPath, ... }: { imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; - boot.initrd.availableKernelModules = [ - "ata_piix" - "uhci_hcd" - "xen_blkfront" - "vmw_pvscsi" - ]; + boot.initrd.availableKernelModules = + [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; boot.loader.grub = { enable = true; diff --git a/nix/hosts/nixos/wildcat/configuration.nix b/nix/machines/vm-hetzner.nix index b74f522..03c7135 100644 --- a/nix/hosts/nixos/wildcat/configuration.nix +++ b/nix/machines/vm-hetzner.nix @@ -1,4 +1,66 @@ -{ lib, pkgs, ... }: { +{ pkgs, lib, ... }: { + imports = [ ./hardware/vm-hetzner.nix ./vm-shared.nix ]; + + boot.tmp.cleanOnBoot = true; + zramSwap.enable = true; + + networking.hostName = "fcuny"; + networking.domain = "net"; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" + ]; + + # This file was populated at runtime with the networking + # details gathered from the active system. + networking = { + nameservers = + [ "2a01:4ff:ff00::add:2" "2a01:4ff:ff00::add:1" "185.12.64.1" ]; + defaultGateway = "172.31.1.1"; + defaultGateway6 = { + address = "fe80::1"; + interface = "eth0"; + }; + dhcpcd.enable = false; + usePredictableInterfaceNames = lib.mkForce false; + interfaces = { + eth0 = { + ipv4.addresses = [{ + address = "5.78.87.68"; + prefixLength = 32; + }]; + ipv6.addresses = [ + { + address = "2a01:4ff:1f0:d1a3::1"; + prefixLength = 64; + } + { + address = "fe80::9400:3ff:fe98:d6dc"; + prefixLength = 64; + } + ]; + ipv4.routes = [{ + address = "172.31.1.1"; + prefixLength = 32; + }]; + ipv6.routes = [{ + address = "fe80::1"; + prefixLength = 128; + }]; + }; + + }; + firewall.allowedTCPPorts = [ + 22 # ssh + 80 # nginx + 443 # nginx + ]; + }; + services.udev.extraRules = '' + ATTR{address}=="96:00:03:98:d6:dc", NAME="eth0" + + ''; + security.acme = { defaults.email = "acme@fcuny.net"; acceptTerms = true; |